87a54dc1b482b5a3f168224786abc8c76a42c05e58f4ab3825e1a020852b0ade | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adddd4eb0b435b315bf4fe4eb51a10bc.bin
Size

2KB
Sample

240719-dyxl9sterg
MD5

030e38e60181f9965039df7f6cf22ebb
SHA1

c501838ff3e123e2a31ac2b4a1deb6a64232cc19
SHA256

87a54dc1b482b5a3f168224786abc8c76a42c05e58f4ab3825e1a020852b0ade
SHA512

e3bb2a041281b2aa617cfcb4523d2565116879e36af9689e3c19beb82b8113c7f44c5d868fc5d3532333aca6487ca0d57511cb7f76c6c4ed0f194d7091defd13

Score

8^/10

execution

Malware Config

Targets

- Target
  
  462bab7323a73643e7e932dda4e3304cc222aa1dcb8bfa9b8a9902cd54226c56.bat
- Size
  
  5KB
- MD5
  
  adddd4eb0b435b315bf4fe4eb51a10bc
- SHA1
  
  b4176175f7fce2912ad148d32d6a2319cc318ed6
- SHA256
  
  462bab7323a73643e7e932dda4e3304cc222aa1dcb8bfa9b8a9902cd54226c56
- SHA512
  
  cabe52a6fef9c7b03b880357c90912b3c8f46d699cefa83ddeddb985db92ad2596582ba63f8411659faaf688fc1c2e3b9e2d35c2ba890b4552b2dbb8b38cf07a
- SSDEEP
  
  96:hizFqBWVs2T7dx3W0ANEz1b2iSXae160sUIKRrzzMZERrzzMy+1IQehPBiq8DEyX:IzFz+2T7W/I1/Eae160sU99zzyE9zzOz
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2